While our main focus is as a provider of IT compliance and security consulting services, we have been called in to help a few small businesses handle security incidents and data breaches. These calls come to us after the client has discovered there’s been a security incident or data breach and as a result is seeking to […]
Just as in the 1980s when manufacturing companies recognized that quality was an attribute that had to baked into every facet of an organization (from design, production, delivery, and through product lifecycle), not inspected in at the end of the process, effective cyber security depends on every employee playing a part in keeping the enterprise secure.
The most sophisticated and […]
At the same time that consumers and manufacturers are getting excited about the potential opportunities, capabilities, and revenue that the Internet of Things (IoT) enhanced devices can offer, many are already starting to understand the frightening lack of essential security functionality and the potentially overwhelming opportunities for exploitation.
The IoT is only in its infancy and […]
Technology is only as effective as the people that operate it.
Cybersecurity awareness training is the most cost effective investment any organization can make in preventing data breaches, system compromise, reputational damage, and loss of intellectual property.
No one is born knowing how to use computers and networks securely. There are basic dos and don’ts […]
One of the most popular exploitation methods used by hackers when targeting social media users is social engineering. Using confidence tricks, a hacker can manipulate his target into performing actions or disclosing confidential information. If pulled off successfully, a social engineering attack could result in a hacker gaining complete access to its target’s social media account with little effort.
Picking up on the conversation from my previous post, the Internet of Things continues to pose challenges for many manufactures as they now have to think about network security for new versions of their products.
One of the worries about the future of the Internet of Things (IoT) is that many of the manufactures that are […]
I’d like to pose a question: What do you think the security implications of connecting various popular IoT consumer electronic devices is?
A) No harder than it was for other new devices like laptops, wireless connections and smartphones, or
B) No easier than it was for previous new devices.
The answer is […]
As smartphones continue to increase in popularity, people can find USB charging stations in almost any location. From airports to malls, businesses are offering their customers a convenient way to keep a full charge. Without much thought, most people are quick to plug their devices into any random USB port that they might find, but doing so […]
Most companies are very good at protecting data that they know about and consider sensitive – they restrict access to the HR systems where compensation data is available. They put access controls and monitoring procedures on systems that store critical intellectual property like formulas or key financial analytics.
Typically, they have formal policies and associated technology […]
The goal of threat intelligence (TI) is to recognize indicators of attacks as they progress and act upon those indicators in a timely manner. TI is not a mature area for most organizations.
While tools to automate TI exist and are evolving, most organizations are still using informal ad hoc mechanisms or a small number […]
Cybersecurity is a topic that many small and most medium-sized businesses care about due to all of the news stories about data breaches, identity theft, and ransomware that have appeared in the last several years. Some small and medium-sized businesses have realized that having a strong cybersecurity program can be a strategic asset for their particular market […]
With recent news of Singapore disconnecting its government networks from internet access, and now requiring civil servants to use separate computers, I was asked to comment on the security issues this cybersecurity segregation will cause.
Deciding to disconnect from the Internet is clearly a difficult decision and more than likely a result of a reaction to […]
While the security of IoT devices is a growing area of concern for the enterprise, the biggest IoT risk for businesses is if they decide to react to IoT issues rather than plan and prepare for them. Everybody knows that the earlier in a cycle you can deal with a problem, the less expensive it […]
I was recently asked to comment on what businesses can do to reduce the security risks of Shadow IT. To read the full article click here and if you just want to read my comments – see below.
Plain talk shadow IT exists when corporate IT is failing in a fundamental way.
Weve seen currency traders set up […]